package com.huawei.secure.android.common.ssl;

import android.os.Build.VERSION;
import android.util.Log;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;

public abstract class SSLUtil {
    private static final String E = "TLSv1.3";
    private static final String F = "TLSv1.2";
    private static final String G = "TLSv1.1";
    private static final String H = "TLSv1";
    private static final String[] I = new String[]{"TLS_DHE_DSS_WITH_AES_128_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"};
    private static final String[] J = new String[]{"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256", "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"};
    private static final String[] K = new String[]{"TEA", "SHA0", "MD2", "MD4", "RIPEMD", "NULL", "RC4", "DES", "DESX", "DES40", "RC2", "MD5", "ANON", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    private static final String[] L = new String[]{"CBC", "TEA", "SHA0", "MD2", "MD4", "RIPEMD", "NULL", "RC4", "DES", "DESX", "DES40", "RC2", "MD5", "ANON", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};
    private static final String TAG = "SSLUtil";
    private static final String TLS = "TLS";
    private static final String[] h = new String[]{"TLS_RSA", "TEA", "SHA0", "MD2", "MD4", "RIPEMD", "NULL", "RC4", "DES", "DESX", "DES40", "RC2", "MD5", "ANON", "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"};

    public static SSLContext setSSLContext() throws NoSuchAlgorithmException {
        if (VERSION.SDK_INT >= 29) {
            return SSLContext.getInstance(E);
        }
        if (VERSION.SDK_INT >= 16) {
            return SSLContext.getInstance(F);
        }
        return SSLContext.getInstance(TLS);
    }

    public static void setEnableSafeCipherSuites(SSLSocket sSLSocket) {
        if (sSLSocket != null && !setWhiteListCipherSuites(sSLSocket)) {
            setBlackListCipherSuites(sSLSocket);
        }
    }

    public static void setEnableSafeCipherSuitesForVmall(SSLSocket sSLSocket) {
        if (sSLSocket != null) {
            a(sSLSocket, true);
        }
    }

    public static boolean setWhiteListCipherSuites(SSLSocket sSLSocket) {
        if (sSLSocket == null) {
            return false;
        }
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        List arrayList = new ArrayList();
        String str = "";
        List asList = Arrays.asList(J);
        List asList2 = Arrays.asList(I);
        for (String str2 : enabledCipherSuites) {
            String toUpperCase = str2.toUpperCase(Locale.ENGLISH);
            if (VERSION.SDK_INT > 19) {
                if (asList.contains(toUpperCase)) {
                    arrayList.add(str2);
                }
            } else if (asList2.contains(toUpperCase)) {
                arrayList.add(str2);
            }
        }
        if (arrayList.isEmpty()) {
            return false;
        }
        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
        return true;
    }

    public static boolean setBlackListCipherSuites(SSLSocket sSLSocket) {
        return a(sSLSocket, false);
    }

    private static boolean a(SSLSocket sSLSocket, boolean z) {
        if (sSLSocket == null) {
            return false;
        }
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        List arrayList = new ArrayList();
        String str = "";
        String[] strArr;
        if (!z) {
            strArr = h;
        } else if (VERSION.SDK_INT > 19) {
            strArr = L;
        } else {
            strArr = K;
        }
        for (String str2 : enabledCipherSuites) {
            Object obj;
            String toUpperCase = str2.toUpperCase(Locale.ENGLISH);
            for (String toUpperCase2 : r0) {
                if (toUpperCase.contains(toUpperCase2.toUpperCase(Locale.ENGLISH))) {
                    obj = 1;
                    break;
                }
            }
            obj = null;
            if (obj == null) {
                arrayList.add(str2);
            }
        }
        if (arrayList.isEmpty()) {
            return false;
        }
        sSLSocket.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
        return true;
    }

    public static void setEnabledProtocols(SSLSocket sSLSocket) {
        if (sSLSocket != null) {
            if (VERSION.SDK_INT >= 29) {
                sSLSocket.setEnabledProtocols(new String[]{E, F, G});
            }
            if (VERSION.SDK_INT >= 16 && VERSION.SDK_INT < 29) {
                sSLSocket.setEnabledProtocols(new String[]{F, G});
            } else if (VERSION.SDK_INT < 16) {
                sSLSocket.setEnabledProtocols(new String[]{H});
            }
        }
    }

    public static void setSSLSocketOptions(SSLSocket sSLSocket) {
        if (sSLSocket != null) {
            setEnabledProtocols(sSLSocket);
            setEnableSafeCipherSuites(sSLSocket);
        }
    }

    public static void setSSLSocketOptionsForVmall(SSLSocket sSLSocket) {
        if (sSLSocket != null) {
            setEnabledProtocols(sSLSocket);
            setEnableSafeCipherSuitesForVmall(sSLSocket);
        }
    }

    public static void printTLSAndCipher(SSLSocket sSLSocket) {
        int i = 0;
        for (String str : sSLSocket.getEnabledProtocols()) {
            Log.i(TAG, "new enable protocols is : " + str);
        }
        String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
        int length = enabledCipherSuites.length;
        while (i < length) {
            Log.i(TAG, "new cipher suites is : " + enabledCipherSuites[i]);
            i++;
        }
    }

    public static String[] getEnabledProtocols(SSLSocket sSLSocket) {
        return sSLSocket.getEnabledProtocols();
    }

    public static String[] getEnabledCipherSuites(SSLSocket sSLSocket) {
        return sSLSocket.getEnabledCipherSuites();
    }
}
